@vforsh/argus 0.1.9 → 0.1.10

package/dist/argus.js

@@ -5,29 +5,15 @@ var __getProtoOf = Object.getPrototypeOf;
 var __defProp = Object.defineProperty;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-function __accessProp(key) {
-  return this[key];
-}
-var __toESMCache_node;
-var __toESMCache_esm;
 var __toESM = (mod, isNodeMode, target) => {
-  var canCache = mod != null && typeof mod === "object";
-  if (canCache) {
-    var cache = isNodeMode ? __toESMCache_node ??= new WeakMap : __toESMCache_esm ??= new WeakMap;
-    var cached = cache.get(mod);
-    if (cached)
-      return cached;
-  }
   target = mod != null ? __create(__getProtoOf(mod)) : {};
   const to = isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target;
   for (let key of __getOwnPropNames(mod))
     if (!__hasOwnProp.call(to, key))
       __defProp(to, key, {
-        get: __accessProp.bind(mod, key),
+        get: () => mod[key],
         enumerable: true
       });
-  if (canCache)
-    cache.set(mod, to);
   return to;
 };
 var __commonJS = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
@@ -2595,6 +2581,31 @@ var findTextPatternMatch = (line, pattern) => {
     length: Math.max(1, matched[0]?.length ?? 0)
   };
 };
+// ../argus-core/dist/auth/cookies.js
+var TRACKING_COOKIE_PATTERNS = [/^_ga/i, /^_gid$/i, /^_ym/i, /^_fbp$/i, /^_hj/i, /^amplitude/i, /^mp_/i];
+var normalizeCookieDomainFilter = (domain) => {
+  if (!domain) {
+    return null;
+  }
+  const normalized = normalizeCookieDomain(domain);
+  return normalized || null;
+};
+var matchesCookieDomain = (cookieDomain, domain) => {
+  if (!domain) {
+    return true;
+  }
+  const normalizedDomain = normalizeCookieDomain(cookieDomain);
+  return normalizedDomain === domain || normalizedDomain.endsWith(`.${domain}`);
+};
+var getOriginHost = (origin) => {
+  try {
+    return new URL(origin).hostname;
+  } catch {
+    return null;
+  }
+};
+var isTrackingCookieName = (name) => TRACKING_COOKIE_PATTERNS.some((pattern) => pattern.test(name));
+var normalizeCookieDomain = (domain) => domain.trim().toLowerCase().replace(/^\./, "");
 // dist/registry.js
 var loadRegistry = async () => {
   const { registry: registry2, warnings } = await readRegistry();
@@ -4156,6 +4167,10 @@ class NetBuffer {
     const filtered = this.events.filter((event) => event.id > after && matchesFilters2(event, filters));
     return filtered.slice(0, limit);
   }
+  list(filters, limit = this.maxSize) {
+    const filtered = this.events.filter((event) => matchesFilters2(event, filters));
+    return filtered.slice(0, limit);
+  }
   waitForAfter(after, filters, limit, timeoutMs) {
     const immediate = this.listAfter(after, filters, limit);
     if (immediate.length > 0) {
@@ -4501,6 +4516,77 @@ var handle5 = async (_req, res, url, ctx) => {
   respondJson(res, response);
 };
 
+// ../argus-watcher/dist/cdp/auth.js
+var inspectAuthCookies = async (session, options) => {
+  const [origin, cookies2] = await Promise.all([capturePageOrigin(session), readCookies(session, options.includeValues === true)]);
+  const normalizedDomain = normalizeCookieDomainFilter(options.domain);
+  return {
+    ok: true,
+    origin,
+    cookies: cookies2.filter((cookie) => matchesCookieDomain(cookie.domain, normalizedDomain))
+  };
+};
+var readCookies = async (session, includeValues) => {
+  const payload = await session.sendAndWait("Network.getCookies", {}, { timeoutMs: 5000 });
+  const cookies2 = payload.cookies ?? [];
+  return cookies2.map((cookie) => normalizeCookie(cookie, includeValues)).sort(compareCookies);
+};
+var normalizeCookie = (cookie, includeValues) => {
+  const value = cookie.value ?? null;
+  return {
+    name: cookie.name ?? "",
+    domain: cookie.domain ?? "",
+    path: cookie.path ?? "/",
+    value: includeValues ? value : undefined,
+    valuePreview: value != null ? previewSecret(value) : null,
+    secure: cookie.secure === true,
+    httpOnly: cookie.httpOnly === true,
+    session: cookie.session === true,
+    expires: typeof cookie.expires === "number" && Number.isFinite(cookie.expires) ? cookie.expires : null,
+    sameSite: cookie.sameSite ?? null
+  };
+};
+var capturePageOrigin = async (session) => {
+  const payload = await session.sendAndWait("Runtime.evaluate", {
+    expression: `(() => {
+				try {
+					return new URL(location.href).origin
+				} catch {
+					throw new Error('Cannot determine origin: page is on a non-http URL (e.g., about:blank)')
+				}
+			})()`,
+    awaitPromise: false,
+    returnByValue: true
+  }, { timeoutMs: 5000 });
+  if (payload.exceptionDetails) {
+    throw new Error(payload.exceptionDetails.exception?.description ?? payload.exceptionDetails.text ?? "Failed to inspect page auth cookies");
+  }
+  return String(payload.result?.value ?? "");
+};
+var previewSecret = (value) => {
+  if (value.length <= 8) {
+    return "*".repeat(value.length);
+  }
+  return `${value.slice(0, 4)}...${value.slice(-4)}`;
+};
+var compareCookies = (a, b) => a.domain.localeCompare(b.domain) || a.path.localeCompare(b.path) || a.name.localeCompare(b.name);
+
+// ../argus-watcher/dist/http/routes/getAuthCookies.js
+var handle6 = async (_req, res, url, ctx) => {
+  const domain = normalizeQueryValue2(url.searchParams.get("domain"));
+  const includeValues = url.searchParams.get("includeValues") === "true";
+  emitRequest(ctx, res, "auth/cookies", { domain, includeValues });
+  try {
+    const response = await inspectAuthCookies(ctx.cdpSession, {
+      domain: domain ?? undefined,
+      includeValues
+    });
+    respondJson(res, response);
+  } catch (error) {
+    respondError(res, error);
+  }
+};
+
 // ../argus-watcher/dist/cdp/remoteObject.js
 var serializeRemoteObjects = async (values, cdp) => {
   if (!cdp) {
@@ -4667,7 +4753,7 @@ var shouldMaterializeByValue = (record) => {
 };
 
 // ../argus-watcher/dist/http/routes/postEval.js
-var handle6 = async (req, res, _url, ctx) => {
+var handle7 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -4691,7 +4777,7 @@ var handle6 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postTraceStart.js
-var handle7 = async (req, res, _url, ctx) => {
+var handle8 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -4706,7 +4792,7 @@ var handle7 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postTraceStop.js
-var handle8 = async (req, res, _url, ctx) => {
+var handle9 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -4721,7 +4807,7 @@ var handle8 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postScreenshot.js
-var handle9 = async (req, res, _url, ctx) => {
+var handle10 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -4976,7 +5062,7 @@ var countNodes = (nodes) => {
 };
 
 // ../argus-watcher/dist/http/routes/postSnapshot.js
-var handle10 = async (req, res, _url, ctx) => {
+var handle11 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5001,7 +5087,7 @@ var handle10 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postCodeList.js
-var handle11 = async (req, res, _url, ctx) => {
+var handle12 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5019,7 +5105,7 @@ var handle11 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postCodeRead.js
-var handle12 = async (req, res, _url, ctx) => {
+var handle13 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5047,7 +5133,7 @@ var handle12 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postCodeGrep.js
-var handle13 = async (req, res, _url, ctx) => {
+var handle14 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5505,7 +5591,7 @@ var fillResolvedNodes = async (session, nodeIds, value) => {
   return nodeIds.length;
 };
 // ../argus-watcher/dist/http/routes/postDomTree.js
-var handle14 = async (req, res, _url, ctx) => {
+var handle15 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5542,7 +5628,7 @@ var handle14 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomInfo.js
-var handle15 = async (req, res, _url, ctx) => {
+var handle16 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5767,7 +5853,7 @@ var createNotInteractableError = (message) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomHover.js
-var handle16 = async (req, res, _url, ctx) => {
+var handle17 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5804,7 +5890,7 @@ var handle16 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomClick.js
-var handle17 = async (req, res, _url, ctx) => {
+var handle18 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -5998,7 +6084,7 @@ var dispatchKeydown = async (session, options) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomKeydown.js
-var handle18 = async (req, res, _url, ctx) => {
+var handle19 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6030,7 +6116,7 @@ var handle18 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomAdd.js
-var handle19 = async (req, res, _url, ctx) => {
+var handle20 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6123,7 +6209,7 @@ var selectDomAddNodeIds = (allNodeIds, options) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomRemove.js
-var handle20 = async (req, res, _url, ctx) => {
+var handle21 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6159,7 +6245,7 @@ var handle20 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomModify.js
-var handle21 = async (req, res, _url, ctx) => {
+var handle22 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6201,7 +6287,7 @@ var handle21 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomSetFile.js
-var handle22 = async (req, res, _url, ctx) => {
+var handle23 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6254,7 +6340,7 @@ var handle22 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomFocus.js
-var handle23 = async (req, res, _url, ctx) => {
+var handle24 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6291,7 +6377,7 @@ var handle23 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomFill.js
-var handle24 = async (req, res, _url, ctx) => {
+var handle25 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6344,7 +6430,7 @@ var handle24 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomScroll.js
-var handle25 = async (req, res, _url, ctx) => {
+var handle26 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6413,7 +6499,7 @@ var getViewportSize = async (session) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDomScrollTo.js
-var handle26 = async (req, res, _url, ctx) => {
+var handle27 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6472,14 +6558,14 @@ var handle26 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/getEmulation.js
-var handle27 = (_req, res, _url, ctx) => {
+var handle28 = (_req, res, _url, ctx) => {
   emitRequest(ctx, res, "emulation");
   const status = ctx.emulationController.getStatus({ attached: ctx.getCdpStatus().attached });
   respondJson(res, status);
 };
 
 // ../argus-watcher/dist/http/routes/postEmulation.js
-var handle28 = async (req, res, _url, ctx) => {
+var handle29 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6542,14 +6628,14 @@ var handle28 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/getThrottle.js
-var handle29 = (_req, res, _url, ctx) => {
+var handle30 = (_req, res, _url, ctx) => {
   emitRequest(ctx, res, "throttle");
   const status = ctx.throttleController.getStatus({ attached: ctx.getCdpStatus().attached });
   respondJson(res, status);
 };
 
 // ../argus-watcher/dist/http/routes/postThrottle.js
-var handle30 = async (req, res, _url, ctx) => {
+var handle31 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6647,7 +6733,7 @@ var buildActionCode = (action, key, value) => {
 };
 
 // ../argus-watcher/dist/http/routes/postStorageLocal.js
-var handle31 = async (req, res, _url, ctx) => {
+var handle32 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6672,7 +6758,7 @@ var handle31 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postReload.js
-var handle32 = async (req, res, _url, ctx) => {
+var handle33 = async (req, res, _url, ctx) => {
   const payload = await readJsonBody(req, res);
   if (!payload) {
     return;
@@ -6690,7 +6776,7 @@ var handle32 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postShutdown.js
-var handle33 = (_req, res, _url, ctx) => {
+var handle34 = (_req, res, _url, ctx) => {
   emitRequest(ctx, res, "shutdown");
   const response = { ok: true };
   respondJson(res, response);
@@ -6702,7 +6788,7 @@ var handle33 = (_req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/getTargets.js
-var handle34 = async (_req, res, _url, ctx) => {
+var handle35 = async (_req, res, _url, ctx) => {
   if (!ctx.sourceHandle?.listTargets) {
     return respondJson(res, { ok: false, error: { message: "Not available", code: "not_available" } }, 400);
   }
@@ -6716,7 +6802,7 @@ var handle34 = async (_req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postAttach.js
-var handle35 = async (req, res, _url, ctx) => {
+var handle36 = async (req, res, _url, ctx) => {
   if (!ctx.sourceHandle?.attachTarget) {
     return respondJson(res, { ok: false, error: { message: "Not available", code: "not_available" } }, 400);
   }
@@ -6738,7 +6824,7 @@ var handle35 = async (req, res, _url, ctx) => {
 };
 
 // ../argus-watcher/dist/http/routes/postDetach.js
-var handle36 = async (req, res, _url, ctx) => {
+var handle37 = async (req, res, _url, ctx) => {
   if (!ctx.sourceHandle?.detachTarget) {
     return respondJson(res, { ok: false, error: { message: "Not available", code: "not_available" } }, 400);
   }
@@ -6766,37 +6852,38 @@ var routes = {
   "GET /tail": { handler: handle3 },
   "GET /net": { handler: handle4 },
   "GET /net/tail": { handler: handle5 },
-  "POST /eval": { handler: handle6 },
-  "POST /trace/start": { handler: handle7 },
-  "POST /trace/stop": { handler: handle8 },
-  "POST /screenshot": { handler: handle9 },
-  "POST /snapshot": { handler: handle10 },
-  "POST /code/list": { handler: handle11 },
-  "POST /code/read": { handler: handle12 },
-  "POST /code/grep": { handler: handle13 },
-  "POST /dom/tree": { handler: handle14 },
-  "POST /dom/info": { handler: handle15 },
-  "POST /dom/hover": { handler: handle16 },
-  "POST /dom/click": { handler: handle17 },
-  "POST /dom/keydown": { handler: handle18 },
-  "POST /dom/add": { handler: handle19 },
-  "POST /dom/remove": { handler: handle20 },
-  "POST /dom/modify": { handler: handle21 },
-  "POST /dom/set-file": { handler: handle22 },
-  "POST /dom/focus": { handler: handle23 },
-  "POST /dom/fill": { handler: handle24 },
-  "POST /dom/scroll": { handler: handle25 },
-  "POST /dom/scroll-to": { handler: handle26 },
-  "GET /emulation": { handler: handle27 },
-  "POST /emulation": { handler: handle28 },
-  "GET /throttle": { handler: handle29 },
-  "POST /throttle": { handler: handle30 },
-  "POST /storage/local": { handler: handle31 },
-  "POST /reload": { handler: handle32 },
-  "POST /shutdown": { handler: handle33 },
-  "GET /targets": { handler: handle34, extensionOnly: true },
-  "POST /attach": { handler: handle35, extensionOnly: true },
-  "POST /detach": { handler: handle36, extensionOnly: true }
+  "GET /auth/cookies": { handler: handle6 },
+  "POST /eval": { handler: handle7 },
+  "POST /trace/start": { handler: handle8 },
+  "POST /trace/stop": { handler: handle9 },
+  "POST /screenshot": { handler: handle10 },
+  "POST /snapshot": { handler: handle11 },
+  "POST /code/list": { handler: handle12 },
+  "POST /code/read": { handler: handle13 },
+  "POST /code/grep": { handler: handle14 },
+  "POST /dom/tree": { handler: handle15 },
+  "POST /dom/info": { handler: handle16 },
+  "POST /dom/hover": { handler: handle17 },
+  "POST /dom/click": { handler: handle18 },
+  "POST /dom/keydown": { handler: handle19 },
+  "POST /dom/add": { handler: handle20 },
+  "POST /dom/remove": { handler: handle21 },
+  "POST /dom/modify": { handler: handle22 },
+  "POST /dom/set-file": { handler: handle23 },
+  "POST /dom/focus": { handler: handle24 },
+  "POST /dom/fill": { handler: handle25 },
+  "POST /dom/scroll": { handler: handle26 },
+  "POST /dom/scroll-to": { handler: handle27 },
+  "GET /emulation": { handler: handle28 },
+  "POST /emulation": { handler: handle29 },
+  "GET /throttle": { handler: handle30 },
+  "POST /throttle": { handler: handle31 },
+  "POST /storage/local": { handler: handle32 },
+  "POST /reload": { handler: handle33 },
+  "POST /shutdown": { handler: handle34 },
+  "GET /targets": { handler: handle35, extensionOnly: true },
+  "POST /attach": { handler: handle36, extensionOnly: true },
+  "POST /detach": { handler: handle37, extensionOnly: true }
 };
 var dispatch = (req, res, url, ctx) => {
   const entry = routes[`${req.method} ${url.pathname}`];
@@ -7198,6 +7285,17 @@ var compileRule = (pattern) => {
 
 // ../argus-watcher/dist/cdp/redaction.js
 var SENSITIVE_KEYS = new Set(["token", "access_token", "auth", "authorization", "code", "password", "pass"]);
+var AUTH_HEADER_NAMES = new Set([
+  "authorization",
+  "cookie",
+  "x-api-key",
+  "x-auth-token",
+  "x-csrf-token",
+  "x-csrftoken",
+  "x-xsrf-token",
+  "csrf-token",
+  "xsrf-token"
+]);
 var redactUrl = (value) => {
   if (!value) {
     return value;
@@ -7229,6 +7327,76 @@ var redactUrl = (value) => {
   url.search = search ? `?${search}` : "";
   return url.toString();
 };
+var pickCapturedAuthHeaders = (headers) => {
+  if (!headers) {
+    return;
+  }
+  const captured = {};
+  for (const [name, rawValue] of Object.entries(headers)) {
+    const normalizedName = name.trim().toLowerCase();
+    if (!normalizedName || !AUTH_HEADER_NAMES.has(normalizedName)) {
+      continue;
+    }
+    const value = normalizeHeaderValue(rawValue);
+    if (!value) {
+      continue;
+    }
+    captured[normalizedName] = redactHeaderValue(normalizedName, value);
+  }
+  return Object.keys(captured).length > 0 ? captured : undefined;
+};
+var mergeCapturedAuthHeaders = (current, incoming) => {
+  if (!current) {
+    return incoming;
+  }
+  if (!incoming) {
+    return current;
+  }
+  return { ...current, ...incoming };
+};
+var normalizeHeaderValue = (value) => {
+  if (typeof value === "string") {
+    const trimmed = value.trim();
+    return trimmed || null;
+  }
+  if (typeof value === "number" || typeof value === "boolean") {
+    return String(value);
+  }
+  if (Array.isArray(value)) {
+    const joined = value.map((item) => normalizeHeaderValue(item)).filter((item) => Boolean(item)).join(", ");
+    return joined || null;
+  }
+  return null;
+};
+var redactHeaderValue = (name, value) => {
+  if (name === "authorization") {
+    return redactAuthorizationHeader(value);
+  }
+  if (name === "cookie") {
+    return redactCookieHeader(value);
+  }
+  return redactToken(value);
+};
+var redactAuthorizationHeader = (value) => {
+  const match = value.match(/^([A-Za-z]+)\s+(.+)$/);
+  if (!match) {
+    return redactToken(value);
+  }
+  return `${match[1]} ${redactToken(match[2])}`;
+};
+var redactCookieHeader = (value) => {
+  const parts = value.split(";").map((entry) => entry.trim()).filter(Boolean).map((entry) => {
+    const [name] = entry.split("=");
+    return name ? `${name}=<redacted>` : null;
+  }).filter((entry) => Boolean(entry));
+  return parts.join("; ");
+};
+var redactToken = (value) => {
+  if (value.length <= 8) {
+    return "*".repeat(value.length);
+  }
+  return `${value.slice(0, 4)}...${value.slice(-4)}`;
+};
 
 // ../argus-watcher/dist/cdp/networkCapture.js
 var createNetworkCapture = (options) => {
@@ -7242,6 +7410,7 @@ var createNetworkCapture = (options) => {
       requestId,
       url: "",
       method: "GET",
+      requestHeaders: undefined,
       resourceType: null,
       status: null,
       encodedDataLength: null,
@@ -7264,6 +7433,7 @@ var createNetworkCapture = (options) => {
       requestId: record.requestId,
       url: redactUrl(record.url),
       method: record.method,
+      requestHeaders: record.requestHeaders,
       resourceType: record.resourceType,
       status: record.status,
       encodedDataLength: record.encodedDataLength,
@@ -7281,9 +7451,19 @@ var createNetworkCapture = (options) => {
     const entry = getOrCreate(requestId);
     entry.url = payload.request?.url ?? entry.url;
     entry.method = payload.request?.method ?? entry.method;
+    entry.requestHeaders = mergeCapturedAuthHeaders(entry.requestHeaders, pickCapturedAuthHeaders(payload.request?.headers));
     entry.resourceType = payload.type ?? entry.resourceType;
     entry.startTime = typeof payload.timestamp === "number" ? payload.timestamp : entry.startTime;
   });
+  options.session.onEvent("Network.requestWillBeSentExtraInfo", (params) => {
+    const payload = params;
+    const requestId = payload.requestId;
+    if (!requestId) {
+      return;
+    }
+    const entry = getOrCreate(requestId);
+    entry.requestHeaders = mergeCapturedAuthHeaders(entry.requestHeaders, pickCapturedAuthHeaders(payload.headers));
+  });
   options.session.onEvent("Network.responseReceived", (params) => {
     const payload = params;
     const requestId = payload.requestId;
@@ -7292,6 +7472,7 @@ var createNetworkCapture = (options) => {
     }
     const entry = getOrCreate(requestId);
     entry.status = typeof payload.response?.status === "number" ? payload.response.status : entry.status;
+    entry.requestHeaders = mergeCapturedAuthHeaders(entry.requestHeaders, pickCapturedAuthHeaders(payload.response?.requestHeaders));
     entry.resourceType = payload.type ?? entry.resourceType;
   });
   options.session.onEvent("Network.loadingFinished", (params) => {
@@ -9735,7 +9916,7 @@ class SessionManager {
     const enabledDomains = new Set;
     const tabHandlers = new Map;
     this.eventHandlers.set(tabId, tabHandlers);
-    const handle37 = {
+    const handle38 = {
       isAttached: () => this.sessions.has(tabId),
       sendAndWait: async (method, params, options) => {
         if (!this.sessions.has(tabId)) {
@@ -9780,7 +9961,7 @@ class SessionManager {
       attachedAt: Date.now(),
       topFrameId: message.topFrameId ?? null,
       frames: message.frames ?? [],
-      handle: handle37,
+      handle: handle38,
       enabledDomains
     };
     this.sessions.set(tabId, session);
@@ -10067,6 +10248,7 @@ var createExtensionSource = (options) => {
   let currentSession = null;
   let stopping = false;
   const frameStateByTabId = new Map;
+  const delegatingSessions = new Set;
   const getCurrentExtensionSession = () => {
     if (!currentSession) {
       throw createNotAttachedError();
@@ -10077,6 +10259,7 @@ var createExtensionSource = (options) => {
     onAttach: (session) => {
       console.error(`[ExtensionSource] Tab attached: ${session.tabId} - ${session.url}`);
       currentSession = session;
+      rebindDelegatingSessions();
       seedFrameState(session);
       bootstrapAttachedSession(session);
     },
@@ -10085,6 +10268,7 @@ var createExtensionSource = (options) => {
       if (currentSession?.tabId === tabId) {
         currentSession = null;
       }
+      rebindDelegatingSessions();
       frameStateByTabId.delete(tabId);
       emitStatus(null, reason);
       events.onDetach?.(reason);
@@ -10129,6 +10313,7 @@ var createExtensionSource = (options) => {
   });
   const stop = async () => {
     stopping = true;
+    disposeDelegatingSessions();
     messaging.stop();
   };
   const listTargets = async () => {
@@ -10184,6 +10369,16 @@ var createExtensionSource = (options) => {
       pid: hostInfo.watcherPid
     });
   }
+  function rebindDelegatingSessions() {
+    for (const controller of delegatingSessions) {
+      controller.rebind();
+    }
+  }
+  function disposeDelegatingSessions() {
+    for (const controller of delegatingSessions) {
+      controller.dispose();
+    }
+  }
   async function bootstrapAttachedSession(session) {
     try {
       registerSessionEventHandlers(session);
@@ -10472,6 +10667,31 @@ var createExtensionSource = (options) => {
     }
   }
   function createDelegatingSession(config) {
+    const subscriptions = new Set;
+    const rebindSubscriptions = () => {
+      for (const subscription of subscriptions) {
+        subscription.unbind();
+        if (!currentSession) {
+          continue;
+        }
+        subscription.off = currentSession.handle.onEvent(subscription.method, subscription.handler);
+      }
+    };
+    const disposeSubscriptions = () => {
+      for (const subscription of subscriptions) {
+        subscription.unbind();
+      }
+      subscriptions.clear();
+    };
+    const controller = {
+      rebind: rebindSubscriptions,
+      dispose: () => {
+        disposeSubscriptions();
+        delegatingSessions.delete(controller);
+      }
+    };
+    delegatingSessions.add(controller);
+    controller.rebind();
     return {
       isAttached: () => currentSession?.handle.isAttached() ?? false,
       sendAndWait: async (method, params, options2) => {
@@ -10482,10 +10702,13 @@ var createExtensionSource = (options) => {
         return session.handle.sendAndWait(method, nextParams, nextOptions);
       },
       onEvent: (method, handler) => {
-        if (!currentSession) {
-          return () => {};
-        }
-        return currentSession.handle.onEvent(method, handler);
+        const subscription = createDelegatingEventSubscription(method, handler);
+        subscriptions.add(subscription);
+        controller.rebind();
+        return () => {
+          subscription.unbind();
+          subscriptions.delete(subscription);
+        };
       },
       getTargetContext: config.getTargetContext
     };
@@ -10499,6 +10722,15 @@ var tabToTarget = (tab) => ({
   faviconUrl: tab.faviconUrl,
   attached: tab.attached
 });
+var createDelegatingEventSubscription = (method, handler) => ({
+  method,
+  handler,
+  off: null,
+  unbind() {
+    this.off?.();
+    this.off = null;
+  }
+});
 
 // ../argus-watcher/dist/index.js
 var startWatcher = async (options) => {
@@ -10520,7 +10752,7 @@ var startWatcher = async (options) => {
   const logsDir = path7.join(artifactsBaseDir, "logs");
   const includeTimestamps = options.artifacts?.logs?.includeTimestamps ?? false;
   const maxFiles = resolveMaxFiles(options.artifacts?.logs?.maxFiles);
-  const netEnabled = sourceMode === "cdp" && options.net?.enabled === true;
+  const netEnabled = options.net?.enabled === true;
   const pageConsoleLogging = options.pageConsoleLogging ?? "minimal";
   const events = new Emittery;
   const buffer = new LogBuffer(bufferSize);
@@ -10672,6 +10904,37 @@ var startWatcher = async (options) => {
       console.warn(`[Watcher] Failed to run inject script for watcher ${record.id}: ${formatError4(error)}`);
     }
   };
+  const handleSourceLog = (event) => {
+    buffer.add(event);
+    fileLogger?.writeEvent(event);
+  };
+  const handlePageNavigation = (info) => {
+    fileLogger?.rotate(info);
+    onIndicatorNavigation(getIndicatorSession(), info);
+    runtimeEditor?.reset();
+  };
+  const handlePageIntl = (info) => {
+    fileLogger?.setPageIntl(info);
+  };
+  const handleSourceAttach = async (session, target) => {
+    runtimeEditor?.rebind();
+    await emulationController.onAttach(session);
+    await throttleController.onAttach(session);
+    await networkCapture?.onAttached();
+    onIndicatorAttach(session, target);
+    await maybeInjectOnAttach(session, target);
+  };
+  const handleTargetChanged = (session, target) => {
+    onIndicatorAttach(session, target);
+  };
+  const handleSourceDetach = (reason) => {
+    runtimeEditor?.rebind();
+    networkCapture?.onDetached();
+    indicatorController?.onDetach();
+    if (reason != null) {
+      traceRecorder.onDetached(reason);
+    }
+  };
   let sourceHandle;
   let networkCapture = null;
   let traceRecorder;
@@ -10680,33 +10943,15 @@ var startWatcher = async (options) => {
   if (sourceMode === "extension") {
     sourceHandle = createExtensionSource({
       events: {
-        onLog: (event) => {
-          buffer.add(event);
-          fileLogger?.writeEvent(event);
-        },
+        onLog: handleSourceLog,
         onStatus: updateCdpStatus,
-        onPageNavigation: (info) => {
-          fileLogger?.rotate(info);
-          onIndicatorNavigation(getIndicatorSession(), info);
-          runtimeEditor?.reset();
-        },
+        onPageNavigation: handlePageNavigation,
         onPageLoad: onIndicatorLoad,
-        onPageIntl: (info) => {
-          fileLogger?.setPageIntl(info);
-        },
-        onAttach: async (session, target) => {
-          runtimeEditor?.rebind();
-          await emulationController.onAttach(session);
-          await throttleController.onAttach(session);
-          onIndicatorAttach(session, target);
-          await maybeInjectOnAttach(session, target);
-        },
-        onTargetChanged: (session, target) => {
-          onIndicatorAttach(session, target);
-        },
+        onPageIntl: handlePageIntl,
+        onAttach: handleSourceAttach,
+        onTargetChanged: handleTargetChanged,
         onDetach: () => {
-          runtimeEditor?.rebind();
-          indicatorController?.onDetach();
+          handleSourceDetach();
         }
       },
       watcherId,
@@ -10715,6 +10960,7 @@ var startWatcher = async (options) => {
       ignoreMatcher: ignoreMatcher ? (url) => ignoreMatcher.matches(url) : null,
       stripUrlPrefixes: stripUrlPrefixes2
     });
+    networkCapture = netBuffer ? createNetworkCapture({ session: sourceHandle.pageSession ?? sourceHandle.session, buffer: netBuffer }) : null;
     traceRecorder = createTraceRecorder({ session: sourceHandle.session, artifactsDir: artifactsBaseDir });
     screenshotter = createScreenshotter({ session: sourceHandle.session, artifactsDir: artifactsBaseDir });
     runtimeEditor = createRuntimeEditor(sourceHandle.session);
@@ -10728,33 +10974,14 @@ var startWatcher = async (options) => {
       match: options.match,
       sessionHandle,
       events: {
-        onLog: (event) => {
-          buffer.add(event);
-          fileLogger?.writeEvent(event);
-        },
+        onLog: handleSourceLog,
         onStatus: updateCdpStatus,
-        onPageNavigation: (info) => {
-          fileLogger?.rotate(info);
-          onIndicatorNavigation(sessionHandle.session, info);
-          runtimeEditor?.reset();
-        },
+        onPageNavigation: handlePageNavigation,
         onPageLoad: onIndicatorLoad,
-        onPageIntl: (info) => {
-          fileLogger?.setPageIntl(info);
-        },
-        onAttach: async (session, target) => {
-          runtimeEditor?.rebind();
-          await emulationController.onAttach(session);
-          await throttleController.onAttach(session);
-          await networkCapture?.onAttached();
-          onIndicatorAttach(session, target);
-          await maybeInjectOnAttach(session, target);
-        },
+        onPageIntl: handlePageIntl,
+        onAttach: handleSourceAttach,
         onDetach: (reason) => {
-          runtimeEditor?.rebind();
-          networkCapture?.onDetached();
-          traceRecorder.onDetached(reason);
-          indicatorController?.onDetach();
+          handleSourceDetach(reason);
         }
       },
       watcherId,
@@ -11396,15 +11623,16 @@ var runStart = async (options) => {
     artifactsBaseDir = resolvePath(trimmed);
   }
   const inject = await resolveInjectScript(options.inject, output);
-  let handle37;
+  let handle38;
   try {
-    handle37 = await startWatcher({
+    handle38 = await startWatcher({
       id: watcherId,
       source: "cdp",
       match: Object.keys(match).length > 0 ? match : undefined,
       chrome: { host: chrome.cdpHost, port: chrome.cdpPort },
       host: "127.0.0.1",
       port: 0,
+      net: { enabled: true },
       pageIndicator: options.pageIndicator === false ? { enabled: false } : { enabled: true },
       artifacts: artifactsBaseDir ? { base: artifactsBaseDir } : undefined,
       pageConsoleLogging: options.pageConsoleLogging,
@@ -11418,7 +11646,7 @@ var runStart = async (options) => {
   }
   const shutdown = async () => {
     try {
-      await handle37.close();
+      await handle38.close();
     } catch {}
     await chrome.closeGracefully();
   };
@@ -11434,23 +11662,23 @@ var runStart = async (options) => {
         rmSync2(chrome.userDataDir, { recursive: true, force: true });
       } catch {}
     }
-    handle37.close().then(() => process.exit(0));
+    handle38.close().then(() => process.exit(0));
   });
-  handle37.events.on("cdpAttached", ({ target }) => {
+  handle38.events.on("cdpAttached", ({ target }) => {
     const typeInfo = target?.type ? ` (type: ${target.type})` : "";
     output.writeHuman(`[${watcherId}] CDP attached: ${target?.title} (${target?.url})${typeInfo}`);
   });
-  handle37.events.on("cdpDetached", ({ reason, target }) => {
+  handle38.events.on("cdpDetached", ({ reason, target }) => {
     output.writeHuman(`[${watcherId}] CDP detached: ${reason} (last target: ${target?.title})`);
   });
   const result = {
-    id: handle37.watcher.id,
+    id: handle38.watcher.id,
     chromePid: chrome.chrome.pid,
     cdpHost: chrome.cdpHost,
     cdpPort: chrome.cdpPort,
-    watcherHost: handle37.watcher.host,
-    watcherPort: handle37.watcher.port,
-    watcherPid: handle37.watcher.pid
+    watcherHost: handle38.watcher.host,
+    watcherPort: handle38.watcher.port,
+    watcherPid: handle38.watcher.pid
   };
   if (options.json) {
     output.writeJson(result);
@@ -12271,15 +12499,16 @@ var runWatcherStart = async (options) => {
   if (options.parent?.trim()) {
     match.parent = options.parent.trim();
   }
-  let handle37;
+  let handle38;
   try {
-    handle37 = await startWatcher({
+    handle38 = await startWatcher({
       id: watcherId,
       source: sourceMode,
       match: sourceMode === "cdp" && Object.keys(match).length > 0 ? match : undefined,
       chrome: sourceMode === "cdp" ? { host: chromeHost, port: chromePort } : undefined,
       host: "127.0.0.1",
       port: 0,
+      net: { enabled: true },
       pageIndicator: options.pageIndicator === false ? { enabled: false } : { enabled: true },
       artifacts: artifactsBaseDir ? { base: artifactsBaseDir } : undefined,
       pageConsoleLogging: options.pageConsoleLogging,
@@ -12291,10 +12520,10 @@ var runWatcherStart = async (options) => {
     return;
   }
   const result = {
-    id: handle37.watcher.id,
-    host: handle37.watcher.host,
-    port: handle37.watcher.port,
-    pid: handle37.watcher.pid,
+    id: handle38.watcher.id,
+    host: handle38.watcher.host,
+    port: handle38.watcher.port,
+    pid: handle38.watcher.pid,
     source: sourceMode,
     matchUrl: match.url,
     matchType: match.type,
@@ -12307,7 +12536,7 @@ var runWatcherStart = async (options) => {
   };
   const cleanup = async () => {
     try {
-      await handle37.close();
+      await handle38.close();
     } catch {}
   };
   process.on("SIGINT", () => {
@@ -12316,12 +12545,12 @@ var runWatcherStart = async (options) => {
   process.on("SIGTERM", () => {
     cleanup().then(() => process.exit(0));
   });
-  handle37.events.on("cdpAttached", ({ target }) => {
+  handle38.events.on("cdpAttached", ({ target }) => {
     const typeInfo = target?.type ? ` (type: ${target.type})` : "";
-    output.writeHuman(`[${handle37.watcher.id}] CDP attached: ${target?.title} (${target?.url})${typeInfo}`);
+    output.writeHuman(`[${handle38.watcher.id}] CDP attached: ${target?.title} (${target?.url})${typeInfo}`);
   });
-  handle37.events.on("cdpDetached", ({ reason, target }) => {
-    output.writeHuman(`[${handle37.watcher.id}] CDP detached: ${reason} (last target: ${target?.title})`);
+  handle38.events.on("cdpDetached", ({ reason, target }) => {
+    output.writeHuman(`[${handle38.watcher.id}] CDP detached: ${reason} (last target: ${target?.title})`);
   });
   if (options.json) {
     output.writeJson(result);
@@ -12533,23 +12762,24 @@ var checkWatcherReachable = async (watcher) => {
 // dist/commands/watcherNativeHost.js
 var runWatcherNativeHost = async (options) => {
   const watcherId = options.id?.trim() || "extension";
-  let handle37;
+  let handle38;
   try {
-    handle37 = await startWatcher({
+    handle38 = await startWatcher({
       id: watcherId,
       source: "extension",
       host: "127.0.0.1",
       port: 0,
+      net: { enabled: true },
       pageIndicator: { enabled: true }
     });
   } catch (error) {
     console.error(`Failed to start watcher: ${error instanceof Error ? error.message : error}`);
     process.exit(1);
   }
-  console.error(`[NativeHost] Watcher started: id=${handle37.watcher.id} port=${handle37.watcher.port}`);
+  console.error(`[NativeHost] Watcher started: id=${handle38.watcher.id} port=${handle38.watcher.port}`);
   const cleanup = async () => {
     try {
-      await handle37.close();
+      await handle38.close();
     } catch {}
   };
   process.on("SIGINT", () => {
@@ -13701,6 +13931,195 @@ Examples:
   });
 }
 
+// dist/commands/auth.js
+import { writeFile } from "node:fs/promises";
+var COOKIE_EXPORT_FORMATS = new Set(["netscape", "json", "header"]);
+var runAuthCookies = async (id, options) => {
+  const output = createOutput(options);
+  const includeValues = options.showValues === true;
+  const response = await fetchAuthCookies(id, { domain: options.domain, includeValues }, output);
+  if (!response) {
+    return;
+  }
+  const cookies2 = filterCookies(response.origin, response.cookies, options);
+  if (options.json) {
+    output.writeJson({ ...response, cookies: cookies2 });
+    return;
+  }
+  if (cookies2.length === 0) {
+    output.writeHuman("No cookies matched.");
+    return;
+  }
+  for (const cookie of cookies2) {
+    output.writeHuman(formatCookieLine(cookie, includeValues));
+  }
+};
+var runAuthExportCookies = async (id, options) => {
+  const output = createOutput({});
+  const format = normalizeExportFormat(options.format);
+  if (!format) {
+    output.writeWarn(`Invalid --format value: ${options.format}. Expected one of: netscape, json, header.`);
+    process.exitCode = 2;
+    return;
+  }
+  const response = await fetchAuthCookies(id, { domain: options.domain, includeValues: true }, output);
+  if (!response) {
+    return;
+  }
+  const serialized = serializeCookies(filterCookies(response.origin, response.cookies, options), format);
+  await writeOutput(serialized, options.out);
+};
+var fetchAuthCookies = async (id, input, output) => {
+  const result = await requestWatcherJson({
+    id,
+    path: "/auth/cookies",
+    query: buildCookieQuery(input),
+    timeoutMs: 1e4
+  });
+  if (!result.ok) {
+    writeRequestError(result, output);
+    return null;
+  }
+  return result.data;
+};
+var buildCookieQuery = (input) => {
+  const params = new URLSearchParams;
+  if (input.domain?.trim()) {
+    params.set("domain", input.domain.trim());
+  }
+  if (input.includeValues) {
+    params.set("includeValues", "true");
+  }
+  return params;
+};
+var filterCookies = (origin, cookies2, options) => {
+  const originHost = options.forOrigin ? getOriginHost(origin) : null;
+  return cookies2.filter((cookie) => matchesCookieFilters(cookie, originHost, options));
+};
+var matchesCookieFilters = (cookie, originHost, options) => {
+  if (options.sessionOnly && !cookie.session) {
+    return false;
+  }
+  if (options.httpOnly && !cookie.httpOnly) {
+    return false;
+  }
+  if (options.secure && !cookie.secure) {
+    return false;
+  }
+  if (originHost && !matchesCookieDomain(cookie.domain, originHost)) {
+    return false;
+  }
+  if (options.excludeTracking && isTrackingCookieName(cookie.name)) {
+    return false;
+  }
+  return true;
+};
+var formatCookieLine = (cookie, showValues) => {
+  const flags = [formatExpiryFlag(cookie), cookie.httpOnly ? "httpOnly" : null, cookie.secure ? "secure" : null, formatSameSiteFlag(cookie)].filter(Boolean).join(",");
+  const value = resolveCookieValue(cookie, showValues);
+  const flagSuffix = flags ? ` [${flags}]` : "";
+  const valueSuffix = value ? ` ${value}` : "";
+  return `${cookie.name} ${cookie.domain}${cookie.path}${flagSuffix}${valueSuffix}`.trim();
+};
+var formatExpiryFlag = (cookie) => {
+  if (cookie.session) {
+    return "session";
+  }
+  if (cookie.expires != null) {
+    return `exp=${Math.trunc(cookie.expires)}`;
+  }
+  return null;
+};
+var formatSameSiteFlag = (cookie) => {
+  if (!cookie.sameSite) {
+    return null;
+  }
+  return `sameSite=${cookie.sameSite}`;
+};
+var resolveCookieValue = (cookie, showValues) => {
+  if (showValues && cookie.value != null) {
+    return cookie.value;
+  }
+  return cookie.valuePreview ?? "";
+};
+var normalizeExportFormat = (format) => {
+  if (!format)
+    return "netscape";
+  if (!COOKIE_EXPORT_FORMATS.has(format)) {
+    return null;
+  }
+  switch (format) {
+    case "netscape":
+    case "json":
+    case "header":
+      return format;
+    default:
+      return null;
+  }
+};
+var formatCookiesAsNetscape = (cookies2) => {
+  const lines = ["# Netscape HTTP Cookie File", "# This file was generated by Argus.", ""];
+  for (const cookie of cookies2) {
+    lines.push([
+      formatNetscapeDomain(cookie),
+      cookie.domain.startsWith(".") ? "TRUE" : "FALSE",
+      cookie.path,
+      cookie.secure ? "TRUE" : "FALSE",
+      String(cookie.session ? 0 : Math.max(0, Math.trunc(cookie.expires ?? 0))),
+      cookie.name,
+      cookie.value ?? ""
+    ].join("\t"));
+  }
+  return lines.join(`
+`);
+};
+var formatNetscapeDomain = (cookie) => cookie.httpOnly ? `#HttpOnly_${cookie.domain}` : cookie.domain;
+var formatCookiesAsHeader = (cookies2) => `Cookie: ${cookies2.map((cookie) => `${cookie.name}=${cookie.value ?? ""}`).join("; ")}`;
+var serializeCookies = (cookies2, format) => {
+  switch (format) {
+    case "netscape":
+      return formatCookiesAsNetscape(cookies2);
+    case "json":
+      return JSON.stringify(cookies2, null, 2);
+    case "header":
+      return formatCookiesAsHeader(cookies2);
+  }
+};
+var writeOutput = async (content, outPath) => {
+  const withTrailingNewline = content.endsWith(`
+`) ? content : `${content}
+`;
+  if (outPath) {
+    await writeFile(outPath, withTrailingNewline, "utf8");
+    return;
+  }
+  process.stdout.write(withTrailingNewline);
+};
+
+// dist/cli/register/registerAuth.js
+function registerAuth(program2) {
+  const auth = program2.command("auth").description("List and export browser auth cookies");
+  addCookieScopeOptions(auth.command("cookies"), "Only include first-party cookies for the attached page origin").argument("[id]", "Watcher id").description("List cookies for the attached page").option("--domain <domain>", "Filter cookies by domain suffix").option("--session-only", "Show only session cookies").option("--http-only", "Show only HttpOnly cookies").option("--secure", "Show only Secure cookies").option("--show-values", "Reveal raw cookie values instead of previews").option("--json", "Output JSON for automation").addHelpText("after", `
+Examples:
+  $ argus auth cookies app
+  $ argus auth cookies app --for-origin --exclude-tracking
+  $ argus auth cookies app --domain example.com
+  $ argus auth cookies app --session-only --show-values
+`).action(async (id, options) => {
+    await runAuthCookies(id, options);
+  });
+  addCookieScopeOptions(auth.command("export-cookies"), "Only include first-party cookies for the attached page origin").argument("[id]", "Watcher id").description("Export cookies for companion CLIs and HTTP clients").option("--format <format>", "Export format: netscape (default), json, or header").option("--domain <domain>", "Filter cookies by domain suffix").option("--out <path>", "Write the export to a file instead of stdout").addHelpText("after", `
+Examples:
+  $ argus auth export-cookies app --format netscape
+  $ argus auth export-cookies app --for-origin --exclude-tracking
+  $ argus auth export-cookies app --format header
+  $ argus auth export-cookies app --out cookies.txt
+`).action(async (id, options) => {
+    await runAuthExportCookies(id, options);
+  });
+}
+var addCookieScopeOptions = (command, forOriginDescription) => command.option("--for-origin", forOriginDescription).option("--exclude-tracking", "Hide common analytics/tracking cookies such as _ga and _ym");
+
 // dist/eval/evalClient.js
 var evalOnce = async (input) => {
   const url = `http://${input.watcher.host}:${input.watcher.port}/eval`;
@@ -39007,6 +39426,7 @@ registerWatcher(program2);
 registerPage(program2);
 registerLogs(program2);
 registerNet(program2);
+registerAuth(program2);
 registerEval(program2);
 registerCode(program2);
 registerDom(program2);